[milters] Archive

Lists Index Date Thread Search

Article: 1065
From: Hans Svensson
Date: 2010-09-08 13:36:16 -0400
Subject: Re: fixcrio in milter

This is a multi-part message in MIME format.
--------------090909080909070904040303
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Thanks for your input! I forgot to mention that this crlf problem is of
concern only when it comes to relaying our customer's mail.


2010-09-08 17:21, Anthony Howe skrev:
> On 08/09/2010 16:51, Geoff Adams whispered from the shadows...:
>> On 8 Sep 2010, at 10:24 AM, Anthony Howe wrote:
>> 
>>> I am unaware of any bare LF issues in the current versions of my
>>> milters.
>> 
>> I read the Hans's note as a request for a feature (well, a request
>> to know if your milters have the feature) to fix up line endings
Exactly!

>> in messages that come in incorrectly in the first place. Honestly,
>> I can't
> That's not the milter's job, that is for the MUA or MSA to do at the 
> point of insertion into the mail system; the sender is responsible
> for making sure the message conforms. The reason for this is simple
> when you consider DKIM/PGP signed messages; body modifications would
> break digital signatures. Also the fact that messages that fail to
> handle generate properly formatted messages might be considered a
> spam sign.
> 
> Then there is the issue that some unix MTAs will receive the message
> via SMTP with CRLF ending, save it to a queue / temp. file with LF
> endings and it is that file contents that is passed to the milter.
> I've not checked if sendmail or postfix do this recently.
> 
>> say I've seen a problem with that in real mail, but perhaps qmail
>> is
> 
> qmail is rubbish IMO. The two MTAs I've had the most trouble with in
> the past have been qmail and Exchange. (infer rant here)
The largest (?) mail provider in Sweden, Loopia, use qmail. They also
have the starttls patch in their setup so if they wanted to use fixcrio
they would have to have a patched version (I found a reference here:
http://kb.parallels.com/en/6763). DKIM wouldn't be a problem if the
crlf
is fixed before milter-dkim signs? PGP looks impossible.


>> more strict in this regard. I'd expect that that's a feature,
>> though, and that any incoming mail that has incorrect line endings
>> would likely be spam, and best rejected.
Hmm, there's another thing about it: If we reject a relay attempt then
the sender will know immediately that sending failed (good thing).
Otherwise sendmail will try to deliver until it times out. If you run a
qmail server you probably have more resources used if you reject than if
you use fixcrio. That's because the connection is closed by a timeout,
and the sending MTA will be back knocking soon again. At least that what
shows in my sendmail logs when I grep for
"http://pobox.com/~djb/docs/smtplf.html."


> Yes. Still this is an issue with the MTA, not the milter which is
> just a plugin for the MTA. So if there is a LF vs CRLF issue, that
> should be directed at sendmail / postfix.
> 
>> Judging by the link Hans included, it seems like sending LFs
>> instead of CRLFs, which is strictly forbidden by the relevant RFCs,
>> will cause other problems for the sender, as well. Further, the
>> noted sending MTA versions that exhibit this problem are quite old.
>> Actually, pretty much ancient. It doesn't seem like this should be
>> a problem today.
> 
> It shouldn't be and I would have heard of these issues years ago when
> I first wrote the milters. In BarricadeMX, which handles the SMTP 
> connection directly, I've gone to great lengths to handle LF vs CRLF 
> issues as best as I can. In the milters however they are feed the
> data from the MTA, so it is upto the MTA to ensure that data
> corresponds to the original received. And as a rule, no SnertSoft
> milter modifies body content, only headers and that case
> libmilter/sendmail/postfix handle newline conversion/additions.
> 
>> Hans, why don't you get the senders to correct the actual problem,
>> if I understand correctly, and there are sending MTAs violating the
>> SMTP spec?
I told this sender that the easiest would be if she used the same
version of MUA as the others working in her office. One would think her
2010 version of Entourage would have less bugs than her colleagues' 2008
version.


> This is most likely the case. A very old MTA.
> 
> Still Hans' bug report/enhancement is too vague. It mentions four 
> milters and no version numbers.
The milters are ok, fantastic and latest version. Updating sendmail
sounds like a good idea. If that doesn't help and I still want to go
with a milter solution then milter-cli somehow calling fixcrio could fix
it?



//Hans





--------------090909080909070904040303
Content-Type: text/x-vcard; charset=utf-8;
 name="hans.vcf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="hans.vcf"

YmVnaW46dmNhcmQNCmZuOkhhbnMgU3ZlbnNzb24NCm46U3ZlbnNzb247SGFucw0Kb3JnOlJ5
bWR3ZWIgQUINCmFkcjtxdW90ZWQtcHJpbnRhYmxlOjs7Qm94IDU4MztNYWxtPUMzPUI2Ozsy
MDEgMjU7U3ZlcmlnZQ0KZW1haWw7aW50ZXJuZXQ6aGFuc0ByeW1kd2ViLmNvbQ0KdGl0bGU6
U3lzb3ANCnRlbDt3b3JrOjA4LTUyNTA5NDQ0DQp1cmw6aHR0cDovL3J5bWR3ZWIuY29tLw0K
dmVyc2lvbjoyLjENCmVuZDp2Y2FyZA0KDQo=
--------------090909080909070904040303--

Lists Index Date Thread Search